Re: [Monotone-devel] Fwd: VCS comparison table

[Timothy Brownawell]

On Sat, 2006-10-21 at 09:07 +1000, Brian May wrote:
>     Ulf> someone fix the DOS vulnerability in mtn serve - being able
> 
> What DOS vulnerability is this?

The server has non-trivial resource usage per connection, and merkle
refinement in particular takes a while (and is atomic WRT our select
loop). So anyone with read access (anyone at all, if anonymous read is
enabled) can stall things indefinitely (and eat all your CPU) just by
repeatedly pulling '*' and disconnecting after the server starts
refinement.

It used to be the case that our multiplexing didn't work properly, so
the first connection would starve later connections. This is fixed.

I think someone mentioned that a dropped connection (such as from an
unplugged network cable) will make the server I(). I don't know what the
status of this is.

It looks like a netcmd packet can be up to 128MB. A client could
probably make the server eat 128MB per connection (or maybe 256MB, I
think it actually buffers up to 2*netcmd_maxsz bytes), by sending a
really really long include/exclude pattern. This works even without read
access, because the server doesn't know whether you have permissions
until it parses the first netcmd packet you send. Note that making this
limit smaller would limit the maximum size of files in a repo that you
wanted to sync; fixing this would mean having a much smaller buffer
limit for not-yet-authenticated connections.

-- 
Timothy

Free (experimental) public monotone hosting: http://mtn-host.prjek.net